# 150 NCUA Testifies Before Subcommittee on Digital Assets, Financial Technology, and Inclusion
Download MP3Katie: Do you want to maximize
your success with NCUA?
Join Mark Treichel as he shares with
you the insider's view on passing
your exam with Flying Colors.
The With Flying Colors podcast
is sponsored by Credit Union
Exam Solutions by Mark Treichel.
If you would like to work directly
with the Credit Union Exam Solutions
team and receive support to optimize
your results with NCUA so you save time
and money, visit us at marktreichel.
com to find out more.
mark t: Hey everyone, this
is Mark Treichel with another
episode of With Flying Colors.
For parts of December particularly
around the holidays, I'm going to
be doing some short topic podcasts.
And it just so happens that I saw
A-N-C-U-A express that just came out
that I wanted to do a short podcast on
in light of some other things that are
going on in the credit union world.
So here it is.
And the NCUA express.
By the way, if you do not subscribe to
NCUA Express, it's a good thing to do.
Whenever they publish anything of any
materiality, you get an email that
alerts you to it, you can ignore it,
or it might be something of interest.
And this NCOA Express says NCOA's
Fintech Director testifies before
the Subcommittee on Digital Assets,
Financial Technology, and Inclusion.
And I'm recording this on December 5th.
He testified on December 5th and
he is Charles Weiss, the Director
of Financial Technology and Access.
Now, I will put in the show links
a link to his entire testimony.
But what I wanted to point out was his
reference to third party vendor authority.
NCOA has been looking to regain
third party vendor authority
since its sunset around Y2K.
The trade groups, NAFCU and CUNA, were
very good at getting that sunset language
in, so that NCOA only had that authority.
during Y2K.
Now, the board, since then, and
particularly the current board, Chairman
Harper, is very passionate about
regaining third party vendor authority.
I've made comments in the past
that be careful what you ask for.
You don't want to be the dog chasing
the ice cream truck and then you
get it and you have to figure
out what it is that you're going
to do with that ice cream truck.
When you get it, but while that's still
an issue I think things are going to
heat up on this arena and I think NCUA is
Appropriately going to be heating things
up in this arena and I'll explain why here
in a minute All right So the testimony
says third party vendor authority in
the context of financial innovation
and technology the NCUA needs the
NCUA's need for supervisory examination
authority over credit union service
organizations and third party vendors is
a noteworthy vulnerability for the system.
Other independent entities, including
the Government Accountability Office, the
Financial Stability Oversight Council, and
the NCOA's Office of Inspector General,
have identified this deficiency as
inhibiting the NCOA from fulfilling its
mission to safeguard credit union members.
And it is the NCOA Board's
continuing policy to seek third
party vendor authority from Congress.
Credit unions increasingly partner
with third party vendors to enhance
their products and services, make their
programs cost effective, provide access to
expertise, and promote programs that may
not be feasible if provided independently.
The pandemic has already accelerated
the industry's shift to digital
services, which has increased the
industry's reliance on such vendors.
However, unlike the other federal
banking regulator agencies,
regulatory agencies, the NCOA does
not have supervisory authority over
third party vendors or providers,
leading to a regulatory blind spot.
This lack of oversight puts federally
insured credit unions at a competitive
disadvantage compared to insured
banks and members of credit unions
at greater risk of a significant
breach or technology disruption.
As cyber criminals Foreign adversaries
and money launderers increasingly
target third party service providers to
exploit vulnerabilities across the U.
S.
critical infrastructure sectors.
There is more exposure to the credit
union industry if the NCOA does not
have visibility into these providers.
If Congress reauthorized third party
vendor authority for the NCOA, the agency
will adopt a program that prioritizes
examinations based on the risks related
So the National Credit Union Share
Insurance Fund, safety and soundness,
cyber security, consumer financial
protection, and the Bank Secrecy Act
slash anti money, the Bank Secrecy
Act anti money laundering compliance.
This statutory change would give credit
union members the same protection as
bank customers, resulting in improved
customer service and enhanced protection.
Further, the potential benefit of
vendor authority Include credit union
access to NCOA exam information when
conducting due diligence of vendors.
Fewer requests from the NCOA to credit
unions to intervene with vendors
experiencing problems and fewer
losses to the share insurance fund.
All right, so why is that
increasing in likelihood right now?
If you've been watching the press at all,
you are aware that there was a malware
attack that is impacting Somewhere
north of 50 credit unions and that's
getting a lot of play by the trades.
It's getting a lot of play on
LinkedIn, and it's could be very
likely that when the dust settles
from that, that we will see that NCUA
puts cybersecurity as number one in
their priority letter that comes out.
Remember, it comes out about mid January.
I'll be reporting on it here, giving
you guidance and my thoughts and my
team's thoughts relative to it here.
But in any event, all the board
members talk about cybersecurity,
keeping them up at night.
Potentially we're going to
have a new board member as
soon as this month, I've heard.
Tanya Otsuka could get nominated
soon, the word on the street is.
And I would anticipate with her
connections to Sherrod Brown.
That could give N.
C.
U.
A.
the political juice it would
need to get this change to
the Federal Credit Union Act.
Now, I mentioned earlier the
trades have fought against it.
This could be the first battle that
America's credit unions has to take on.
A battle which is getting harder and
harder to defend and particularly, I
was listening to another podcast about.
The challenges of AI and how that is
creating some issues in in banking
where people are losing their money
because their voice has been copied.
Something that that some of my
relatives have asked me about, Hey,
with your podcast out there, you've
got a lot of your words out there.
Could that could that
lead to an AI situation?
So I'm going to be increasing my
cybersecurity on my personal accounts.
And I have learned quite a bit in that
arena personally, while I don't have
any experts on information system.
systems as part of my team.
And Cua has built a robust cadre of that.
And you can expect that whatever comes
out of this malware attack that in Cua
is going to have some lessons learned
from it and lessons learned is going
to lead to examination steps, it's
going to lead to, in my opinion, as I
mentioned, the priority letter having
cybersecurity number one, as opposed
to number two, three, four, or five.
And that really doesn't matter other
than the fact that it does set the tone.
I'm going to predict that you'll see
at GAC or whatever they're calling it,
I still think they're calling it GAC.
Chairman Harper will talk
about this in his speech.
And he's got the political connections.
He knows how to work Congress.
He did that.
For Senator Sarbanes, and now he's
soon going to be matched with Tanya
Otsuka, and I don't even see how
Kyle Hauptman would want to stand
in the way of this at this juncture.
Especially, again, with AI and
the challenges from that looming.
All right, that's it.
This was a short take.
If you have any ideas on little topics
like this you might want me to cover,
shoot me a note on LinkedIn or on
my email at info at marktreichel.
com.
Thanks for listening.
As always, Mark Treichel
signing off with flying colors.
Thank you for joining us on this episode
of with flying colors, subscribe on
your favorite podcast app to hear future
episodes where subject matter experts
of all varieties will provide tips
on how to achieve success with NCUA.
If you would like to learn more about
how we assist credit unions, check
out our services at marktreichel.
com.
